You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Kevin Risden (Jira)" <ji...@apache.org> on 2019/11/09 18:56:00 UTC
[jira] [Comment Edited] (KNOX-2098) OWASP Add Nov 2019 suppressions
for false positives
[ https://issues.apache.org/jira/browse/KNOX-2098?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16970839#comment-16970839 ]
Kevin Risden edited comment on KNOX-2098 at 11/9/19 6:55 PM:
-------------------------------------------------------------
{code:java}
mvn -DskipTests=true -Dcheckstyle.skip=true -Dspotbugs.skip=true -Dmdep.skip=true -Djacoco.skip=true -Powasp package org.owasp:dependency-check-maven:5.2.2:aggregate
{code}
Then the dependency check report will be in the top level target directory.
was (Author: risdenk):
{code:java}
mvn install -DskipTests
mvn -Powasp verify
{code}
Then the dependency check report will be in the top level target directory.
> OWASP Add Nov 2019 suppressions for false positives
> ---------------------------------------------------
>
> Key: KNOX-2098
> URL: https://issues.apache.org/jira/browse/KNOX-2098
> Project: Apache Knox
> Issue Type: Task
> Components: Build
> Reporter: Kevin Risden
> Assignee: Kevin Risden
> Priority: Major
> Fix For: 1.4.0
>
>
> KNOX-1660 did this about a year ago. Would be good to add new suppressions since there are a few false positives in the owasp report.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)